iptables won't start today
Rick Stevens
rstevens at vitalstream.com
Thu Apr 22 20:51:26 UTC 2004
Chuck Campbell wrote:
> Fedora core 1, kernel version 2.4.22-1.2174.nptlBOOT
>
> All was working perfectly two days ago, then quit yesterday. No reboot, nothing
> I can figure out.
>
> I cannot establish a connection from the outside world to our server.
> I verified that the port forwarding in the router table is correct, and that
> the protocol (tcp) and port (27500) and internal and external ip addresses
> are correct in the router. All is fine there.
>
> I can connect to this port using the host name or localhost from the
> server machine itself. I suspect iptables problems.
>
> I did iptables -L and I get:
>
> [root at watchdog rc2.d]# iptables -L
>
> iptables v1.2.9: can't initialize iptables table `filter': iptables who? (do you need to insmod?)
> Perhaps iptables or your kernel needs to be upgraded.
>
> I did lsmod and got this:
> [root at watchdog fed-updates]# lsmod
> Module Size Used by Not tainted
> 8139too 14504 1
> mii 3608 0 [8139too]
> ext3 61796 1
> jbd 46412 1 [ext3]
>
> nothing about iptables there...
>
> I tried to start it manually and got the following:
>
> [root at watchdog rc2.d]# ./S08iptables start
> Applying iptables firewall rules: iptables-restore v1.2.9: iptables-restore: unable to initializetable 'filter'
>
> Error occurred at line: 3
> Try `iptables-restore -h' or 'iptables-restore --help' for more information.
> [FAILED]
>
> Bizarre, because it was working three days ago. I rebooted the machine and get
> the same result.
>
> I looked to see what version I was running:
>
> [root at watchdog fed-updates]# rpm -qa|grep iptables
> iptables-debuginfo-1.2.9-1.0
> iptables-devel-1.2.9-1.0
> iptables-1.2.9-1.0
> iptables-ipv6-1.2.9-1.0
>
> I have the following in my updates directory:
>
> [root at watchdog fed-updates]# ls -lart ip*
> -rw-r--r-- 1 root root 118143 Feb 4 13:03 iptables-ipv6-1.2.9-1.0.i386.rpm
> -rw-r--r-- 1 root root 4699 Feb 4 13:03 iptables-ipv6-0-1.2.9-1.0.i386.hdr
> -rw-r--r-- 1 root root 39810 Feb 4 13:03 iptables-devel-1.2.9-1.0.i386.rpm
> -rw-r--r-- 1 root root 3956 Feb 4 13:03 iptables-devel-0-1.2.9-1.0.i386.hdr
> -rw-r--r-- 1 root root 885193 Feb 4 13:03 iptables-debuginfo-1.2.9-1.0.i386.rpm
> -rw-r--r-- 1 root root 9810 Feb 4 13:03 iptables-debuginfo-0-1.2.9-1.0.i386.hdr
> -rw-r--r-- 1 root root 203260 Feb 4 13:03 iptables-1.2.9-1.0.src.rpm
> -rw-r--r-- 1 root root 171617 Feb 4 13:03 iptables-1.2.9-1.0.i386.rpm
> -rw-r--r-- 1 root root 3554 Feb 4 13:03 iptables-0-1.2.9-1.0.src.hdr
> -rw-r--r-- 1 root root 6152 Feb 4 13:03 iptables-0-1.2.9-1.0.i386.hdr
>
>
>
> Help! I need to get this thing back on line.
Did you try "modprobe ip_tables" to see if the module will load? There
are several iptables modules involved...the one that everything's
whining about is iptable_filter.o. I don't have your kernel, but my
iptable_filter.o is 3488 bytes long (.2174nptl, i686), yours may be
be slightly different.
Try "ls /lib/modules/`uname -r`/kernel/net/ipv4/netfilter/ip*" and
verify that the modules are there.
If either fail, try reinstalling the latest iptables RPMs. That can
be done by "rpm -Uvh --force iptables-1.2.9-1.0.i386.rpm" and, if you
want, the source, development, ipV6 and debug versions which you seem
to have installed.
----------------------------------------------------------------------
- Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com -
- VitalStream, Inc. http://www.vitalstream.com -
- -
- You know the old saying--any technology sufficiently advanced is -
- indistinguishable from a Perl script -
- --Programming Perl, 2nd Edition -
----------------------------------------------------------------------
More information about the Redhat-install-list
mailing list